U.S. Provisional Patent Application 60/466,910 entitled SYSTEM, METHOD, AND APPARATUS FOR SIMPLIFIED PRIVATE MESSAGING by the present inventors (hereinafter referred to as ‘the foundation disclosure’) describes a distributed system of client and server software capabilities that cooperate to provide messaging privacy services. That system, which is being marketed under the name ArmorPost, makes two significant assumptions about its operating environment.
First, the Trusted Courier is a single network element owned by a single entity. While this serves the needs of that single entity, and provides effective service for all users, it is not possible to establish competing yet inter-operating message privacy services using the single-Courier design described in the foundation disclosure. Further, it may be difficult for security-sensitive organizations to deploy a Trusted Courier as described in the foundation disclosure inside their enterprise networks and thereby exert a measure of control over their private messaging traffic.
What is needed, then, is an extension to the system described in the foundation disclosure which allows for multiple Trusted Couriers to operate independently of one another with respect to their own users, yet interoperate with one another to transport Private Messages and related services among their disparate user communities.
Second, the Trusted Courier represents a nexus through which both Private Messages and their corresponding Access Restrictions Messages flow. The fact that these messages are sent separately in time provides substantial security. However, an even greater degree of assurance against abuse of the Trusted Courier's unique position in the network can be achieved by routing those two messages through completely separate elements.
What is needed, then, is an extension to the system described in the foundation disclosure which allows for any Trusted Courier to be distributed across two network servers, which may be further distributed even to two physical sites separated by a significant distance, such that encrypted message content flows through one server while corresponding content key material flows through the other.
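The split described above, as an added illustration that is not code from the foundation disclosure or the ArmorPost system: a sender deposits the encrypted content with one courier server and the corresponding content key material with a second, so that the recipient must combine both holdings to read the message and neither server alone holds anything more than a random-looking blob. A one-time pad is assumed here purely as a stand-in for the system's actual content cipher, since it makes the "neither half suffices" property exact.

```python
import os
import secrets
from dataclasses import dataclass, field


@dataclass
class Courier:
    """One Trusted Courier server: holds only the blobs it is handed, keyed by message id."""
    name: str
    store: dict = field(default_factory=dict)

    def deposit(self, msg_id: str, blob: bytes) -> None:
        self.store[msg_id] = blob

    def fetch(self, msg_id: str) -> bytes:
        return self.store[msg_id]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def send_private_message(plaintext: bytes, content_courier: Courier,
                         key_courier: Courier) -> str:
    """Sender side (hypothetical): encrypt under a fresh per-message key, then route
    ciphertext and key material through two different servers."""
    msg_id = secrets.token_hex(8)
    key = os.urandom(len(plaintext))            # one-time pad: key as long as the message
    ciphertext = _xor(plaintext, key)
    content_courier.deposit(msg_id, ciphertext)  # encrypted content flows through server A
    key_courier.deposit(msg_id, key)             # content key material flows through server B
    return msg_id


def receive_private_message(msg_id: str, content_courier: Courier,
                            key_courier: Courier) -> bytes:
    """Recipient side: the message is recoverable only by combining both servers' holdings."""
    return _xor(content_courier.fetch(msg_id), key_courier.fetch(msg_id))


def single_courier_view(courier: Courier, msg_id: str) -> bytes:
    """What one server (or whoever abuses its position) holds for this message on its own:
    with the pad construction, this blob is statistically independent of the plaintext."""
    return courier.fetch(msg_id)
```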
It is thus a principal aim of the present invention to create architectures and protocols for distributing and replicating the Trusted Courier, thereby enhancing its applicability and trustworthiness.